bugzilla.mozilla.org has resumed normal operation. Attachments prior to 2014 will be unavailable for a few days. This is tracked in Bug 1475801.
Please report any other irregularities here.

Unable to open LDAP on Active Directory

RESOLVED WORKSFORME

Status

MailNews Core
LDAP Integration
RESOLVED WORKSFORME
10 years ago
9 years ago

People

(Reporter: Ferran Busquets, Unassigned)

Tracking

1.8 Branch
x86
Windows XP

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

10 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.0.6) Gecko/2009011913 Firefox/3.0.6
Build Identifier: Thunderbid version 2.0.0.19 (20081209)

I'm unable to create LDAP connection to Active Directory for Address Book. I've tried a lot of times, searching on Internet and no way.

I've checked the AD configuration with other tool (Apache Directory Studio) and all seems ok. 



Reproducible: Always

Steps to Reproduce:
1. Followed the steps on: http://kb.mozillazine.org/LDAP_access_via_Address_Book
2. Open again the LDAP properties
3. Open tab "Offline" and "download now"

Actual Results:  
Shows "Download failed". Any way, no possible to get any autocomplete address

Expected Results:  
Show any element on autocomplete address

The prefs.js shows this parameters:

user_pref("ldap_2.autoComplete.directoryServer", "ldap_2.servers.sadurni");
user_pref("ldap_2.servers.sadurni.auth.dn", "ARRELS\\fbusquets");
user_pref("ldap_2.servers.sadurni.auth.savePassword", true);
user_pref("ldap_2.servers.sadurni.description", "sadurni");
user_pref("ldap_2.servers.sadurni.filename", "abook-7.mab");
user_pref("ldap_2.servers.sadurni.maxHits", 0);
user_pref("ldap_2.servers.sadurni.replication.lastChangeNumber", 0);
user_pref("ldap_2.servers.sadurni.uri", "ldap://192.168.0.223:389/OU=Oficines,DC=Arrels,DC=Local??sub?(objectclass=*)");

Trying to connect with Apache Directory Studio connects fine:

#!SEARCH REQUEST (344) OK
#!CONNECTION ldap://192.168.0.223:389
#!DATE 2009-02-09T13:44:07.550
# LDAP URL     : ldap://192.168.0.223:389/OU=Oficines,DC=Arrels,DC=Local?*??(objectClass=*)
# command line : ldapsearch -H ldap://192.168.0.223:389 -x -D "ARRELS\fbusquets" -W -b "OU=Oficines,DC=Arrels,DC=Local" -s base -a always "(objectClass=*)" "*"
# baseObject   : OU=Oficines,DC=Arrels,DC=Local
# scope        : baseObject (0)
# derefAliases : derefAlways (3)
# sizeLimit    : 0
# timeLimit    : 0
# typesOnly    : False
# filter       : (objectClass=*)
# attributes   : *

#!SEARCH RESULT DONE (344) OK
#!CONNECTION ldap://192.168.0.223:389
#!DATE 2009-02-09T13:44:07.550
# numEntries : 1

Furthermore, I've tried to show log results creating a cmd file like this:

set NSPR_LOG_MODULES=ldap:5
set NSPR_LOG_FILE=c:\ldap.log
"C:\Archivos de programa\Mozilla Thunderbird\thunderbird.exe"

The ldap.log shows:

0[284928]: nsLDAPOperation::SimpleBind(): called; bindName = ''; 
284[35a8110]: nsLDAPConnection::Run() entered
0[284928]: pending operation added; total pending operations now = 1
0[284928]: nsLDAPOperation::SearchExt(): called with aBaseDn = 'OU=Oficines,DC=Arrels,DC=Local'; aFilter = '(objectclass=*)', aAttrCounts = 0, aSizeLimit = 0
0[284928]: pending operation added; total pending operations now = 2
284[35a8110]: pending operation removed; total pending operations now = 1
284[35a8110]: pending operation removed; total pending operations now = 0
284[35a8110]: unbinding
284[35a8110]: unbound
(Reporter)

Comment 1

10 years ago
On the prefs.js, shows 

user_pref("ldap_2.servers.sadurni.maxHits", 0);

I recreated again the connection and now it's ok, the prefs.js shows:

user_pref("ldap_2.servers.sadurni.position", 0);
user_pref("ldap_2.servers.sadurni_1.auth.dn", "ARRELS\\fbusquets");
user_pref("ldap_2.servers.sadurni_1.auth.savePassword", true);
user_pref("ldap_2.servers.sadurni_1.description", "sadurni");
user_pref("ldap_2.servers.sadurni_1.filename", "abook-7.mab");
user_pref("ldap_2.servers.sadurni_1.replication.lastChangeNumber", 0);
user_pref("ldap_2.servers.sadurni_1.uri", "ldap://192.168.0.223:389/OU=Oficines,DC=Arrels,DC=Local??sub?(objectclass=*)");

ldap.log shows:

0[284928]: nsLDAPOperation::SimpleBind(): called; bindName = ''; 
3764[354cee8]: nsLDAPConnection::Run() entered
0[284928]: pending operation added; total pending operations now = 1
0[284928]: nsLDAPOperation::SearchExt(): called with aBaseDn = 'OU=Oficines,DC=Arrels,DC=Local'; aFilter = '(objectclass=*)', aAttrCounts = 0, aSizeLimit = 0
0[284928]: pending operation added; total pending operations now = 2
3764[354cee8]: pending operation removed; total pending operations now = 1
3764[354cee8]: pending operation removed; total pending operations now = 0
3764[354cee8]: unbinding
3764[354cee8]: unbound

Sorry for the inconvenience.
Is there a reason why you chose to mark this bug as a security problem that needs to be kept hidden from the public? I'd like to remove that flag, unless you have a reason to object. The configuration data you've posted doesn't look sensitive, but I'd like to make sure.
(Reporter)

Comment 3

10 years ago
No reason to be a security bug.
Not a security bug. Removing security group restriction.
Group: core-security
Component: Address Book → LDAP Integration
Product: Thunderbird → MailNews Core
QA Contact: address-book → ldap-integration
Version: unspecified → 1.8 Branch
(Reporter)

Comment 5

10 years ago
It seems that it working but:

-When start to write a name while composing mail, no way to distinguish between a address-book entry and a LDAP entry. 
-Checking for addresses on Address-book entry for LDAP server, shows no results.
-No way to download addresses offline.

Comment 6

9 years ago
Per comment #5 WFM as original problem was solved
Status: UNCONFIRMED → RESOLVED
Last Resolved: 9 years ago
Resolution: --- → WORKSFORME
You need to log in before you can comment on or make changes to this bug.